On Mon, Jul 25, 2011 at 2:18 PM, Geoff Millikan <gmillikan@xxxxxxxxxxxxx> wrote: >>> When both RequestReadTimeout and Timeout values are set, the smaller >>> of the two takes precedence, right? For example, if Timeout 6 and >>> RequestReadTimeout header=10 body=30 then Apache will close the connection >>> at 6 seconds and the RequestReadTimeout will never be activated, right? > >> No. The Timeout refers to each individual read or write, so you can >> easily take more than 10 seconds end-to-end to read the headers but >> have never waited more than 5 seconds for an individual read. > > How could it easily take more than 10 seconds end-to-end to read the headers? For example let's assume we have request headers of > 4000 bytes (which is bigger than average) and a dial up connection of 56 kbps. The headers should transfer in 0.57 seconds (not > accounting for slow start and other TCP/IP oddities). Assuming a 300% error margin for the end-to-end to read, we're still only at > 1.71 seconds You didn't restrict the question to non-malicious (or otherwise exceptional) clients. I was describing how a request can pass the Timeout check easily (sending a byte every few seconds) but still get easily caught within the RequestReadTimeout -- the Timeout does not take precedence. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|